<?php
// +----------------------------------------------------------------------
// | Author: sunjiafu <sunjiafu@prope.com.cn>
// | Date: 2015年4月3日
// +----------------------------------------------------------------------
/**
 * 验证输入参数 
 *
 */
namespace Lib;

class CheckInput{
	var $CnName; // 中文名
	var $CheckType; // 过滤类型
	var $data; // 要过滤的变量
	var $res; // 反回的数组
	var $LengMin;
	var $postfilter = "<[^>]*?=[^>]*?&#[^>]*?>|\\b(alert\\(|confirm\\(|expression\\(|prompt\\()|<[^>]*?\\b(onerror|onmousemove|onload|onclick|onmouseover)\\b[^>]*?>|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\s+?[\\w]+?\\s+?\\bin\\b\\s*?\(|\\blike\\b\\s+?[\"'])|\\/\\*.+?\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
	var $htcontentfilter = "<[^>]*?=[^>]*?&#[^>]*?>|\\b(alert\\(|confirm\\(|expression\\(|prompt\\()|<[^>]*?\\b(onerror|onmousemove|onload|onclick|onmouseover)\\b[^>]*?>|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\s+?[\\w]+?\\s+?\\bin\\b\\s*?\(|\\blike\\b\\s+?[\"'])|\\/\\*.+?\\*\\/|<\\s*scriiipt\\b|\\bEXEC\\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
	function __construct() {
	}
	function check() {
		switch ($this->CheckType) {
			case 'intval' :
				$this->_intval (); 
				break;
			case 'date' :
				$this->_date ();
				break;
			case 'time' :
				$this->_time ();
				break;
			case 'datetime' :
				$this->_datetime ();
				break;
			case 'password' :
				$this->_password ();
				break;
			case 'string' :
				$this->_string ();
				break;
			case 'enstr' :
				$this->_enstr ();
				break;
			case 'numstr' :
				$this->_numstr ();
				break;
			case 'ennumstr' :
				$this->_ennumstr ();
				break;
			case 'cnennumstr' :
				$this->_cnennumstr ();
				break;
			case 'htcontent' :
				$this->_htcontent ();
				break;
			case 'float' :
				$this->_float ();
				break;
			case 'bool' :
				$this->_bool ();
				break;
			case 'email' :
				$this->_email ();
				break;
			case 'saveimage' :
				$this->_saveimage ();
				break;
			case 'uploadFile' :
				$this->_uploadFile();
				break;
			case 'shenfenzheng':
				$this->_shenfenzheng();
				break;
			default :
				// 处理特殊值 如 float(11,2)
				if ((strpos ( $this->CheckType, 'float' )) !== false) {
					$this->_floatex ();
				} elseif (false) {
				} else {
					$this->res ['ok'] = false;
					$this->res ['error'] = '函数过滤方法填写错误';
				}
		}
		return $this->res;
	}
	private function _saveimage() {
		if (C ( 'CheckInputsaveimage' ) == NULL) {
			// echo '===================';
			$upload = new \Think\Upload (); // 实例化上传类
			$upload->autoSub = true; // 是否使用子目录保存上传文件
			$upload->subType = 'date'; // 子目录创建方式，默认为hash，可以设置为hash或者date
			$upload->dateFormat = 'd'; // 子目录方式为date的时候指定日期格式
			$upload->maxSize = 1887437; // 设置附件上传大小
			$upload->exts = array (
					'jpg',
					'gif',
					'png',
					'jpeg' 
			); // 设置附件上传类型
			$upload->rootPath = 'uploads'; // 设置附件上传根目录
			$upload->savePath = '/images/' . date ( 'Y-m', time () ) . '/'; // 设置附件上传目录
			$upload->replace = true;
			// $upload->mimes = array('image/jpeg','image/jpg','image/gif','image/png'); //允许上传的文件类型（留空为不限制）
			// $upload->callback=true;
			$info = $upload->upload ();
			if (! $info) { // 上传错误提示错误信息
				$error = $upload->getError ();
				if (strpos ( $error, '没有文件被上传' ) !== false) {
					// echo '没有文件上传';
				} else {
					$this->res ['ok'] = false;
					$this->res ['error'] = '【 ' . $this->CnName . ' 】' . $error;
					return 0;
				}
			}
			C ( 'CheckInputsaveimage', $info );
		} else {
			$info = C ( 'CheckInputsaveimage' );
		}
		
		// dump($info);
		// dump($this->data);
		
		$savefile = $info [$this->data] ["savepath"] . $info [$this->data] ["savename"];
		
		if ($savefile == '' || $savefile == null) {
			$savefile = '';
			if ($this->LengMin > 0) {
				$this->res ['ok'] = false;
				$this->res ['error'] = '【 ' . $this->CnName . ' 】必须上传,请重输！';
				return 0;
			}
		} else {
			// $savefile='/uploads'.$savefile;
			$savefile = 'uploads' . $savefile;
		}
		
		$this->res ['ok'] = true;
		$this->res ['data'] = $savefile;
		
		// die();
		// 保存表单数据 包括附件数据
		// return $savePath.$info[0]['savename']; // 保存上传的照片根据需要自行组装
	}
	
	/*
	 * 上传文件($_File)
	 */
	private function _uploadFile(){
		$upload = new \Think\Upload (); // 实例化上传类
		$upload->autoSub = true; // 是否使用子目录保存上传文件
		$upload->subType = 'date'; // 子目录创建方式，默认为hash，可以设置为hash或者date
		$upload->dateFormat = 'd'; // 子目录方式为date的时候指定日期格式
		$upload->maxSize = 1887437; // 设置附件上传大小
		$upload->exts = array (
				'jpg',
				'gif',
				'png',
				'jpeg'
		); // 设置附件上传类型
		$upload->rootPath = 'uploads'; // 设置附件上传根目录
		$upload->savePath = '/images/' . date ( 'Y-m', time () ) . '/'; // 设置附件上传目录
		$upload->replace = true;
		$info = $upload->upload ();
		if (! $info) { // 上传错误提示错误信息
			$error = $upload->getError ();
			if (strpos ( $error, '没有文件被上传' ) !== false) {
				// echo '没有文件上传';
			} else {
				$this->res ['ok'] = false;
				$this->res ['error'] = '【 ' . $this->CnName . ' 】' . $error;
				return 0;
			}
		}
		
		$savefile = $info [key($info)] ["savepath"] . $info [key($info)] ["savename"];
		
		if ($savefile == '' || $savefile == null) {
			$savefile = '';
			if ($this->LengMin > 0) {
				$this->res ['ok'] = false;
				$this->res ['error'] = '【 ' . $this->CnName . ' 】必须上传,请重输！';
				return 0;
			}
		} else {
			$savefile = 'uploads' . $savefile;
		}
		
		$this->res ['ok'] = true;
		$this->res ['data'] = $savefile;
		
	}
	
	private function _htcontent() {
		// if (preg_match("/".$this->htcontentfilter."/is",$this->data)==1){
		// $this->res['ok']=false;
		// $this->res['error']='【 '.$this->CnName.' 】包含非法字符,请重输！';
		// return 0;
		// }
		$this->res ['ok'] = true;
		$this->res ['data'] = ($this->data);
	}
	private function _cnennumstr() {
		if (preg_match ( "/" . $this->postfilter . "/is", $this->data ) == 1) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】包含非法字符,请重输！';
			return 0;
		}
		// if(!preg_match("/^[0-9a-zA-Z_]{1,}$/",$this->data)){
		// if(!preg_match("/^[\x{4e00}-\x{9fa5}]+$/u",$this->data)){
		if (! preg_match ( "/^[\x80-\xff_a-zA-Z0-9]+$/", $this->data )) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】不能包含特殊字符,请重输！';
			return 0;
		}
		$this->res ['ok'] = true;
		$this->res ['data'] = ($this->data);
	}
	private function _string() {
		if (preg_match ( "/" . $this->postfilter . "/is", $this->data ) == 1) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】包含非法字符,请重输！';
			return 0;
		}
		$this->res ['ok'] = true;
		$this->res ['data'] = ($this->data);
	}
	private function _ennumstr() {
		if (preg_match ( "/" . $this->postfilter . "/is", $this->data ) == 1) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】包含非法字符,请重输！';
			return 0;
		}
		if (! preg_match ( "/^[0-9a-zA-Z_]{1,}$/", $this->data )) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】只能输入数字,请重输！';
			return 0;
		}
		$this->res ['ok'] = true;
		$this->res ['data'] = $this->data;
	}
	private function _numstr() {
		if (! preg_match ( "/^[-]{0,1}[0-9]{1,}$/", $this->data )) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】只能输入整数,请重输！';
			return 0;
		}
		$this->res ['ok'] = true;
		$this->res ['data'] = $this->data;
	}
	private function _enstr() {
		if (preg_match ( "/" . $this->htcontentfilter . "/is", $this->data ) == 1) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】包含非法字符,请重输！';
			return 0;
		}
		if (! preg_match ( "/^[a-zA-Z]{1,}$/", $this->data )) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】只能输入英文字母,请重输！';
			return 0;
		}
		$this->res ['ok'] = true;
		$this->res ['data'] = $this->data;
	}
	private function _email() {
		if (preg_match ( "/" . $this->postfilter . "/is", $this->data ) == 1) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】包含非法字符,请重输！';
			return 0;
		}
		if (! preg_match ( "/^[_.0-9a-z-]+@([0-9a-z][0-9a-z-]+.)+[a-z]{2,3}$/", $this->data )) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】格式错误,请重输！';
			return 0;
		}
		$this->res ['ok'] = true;
		$this->res ['data'] = $this->data;
	}
	private function _floatex() {
		$pa = '/float\((.*),(.*)\)/';
		preg_match_all ( $pa, $this->CheckType, $ma );
		// dump($ma[1][0]);
		// dump($ma[2][0]);
		if (! preg_match ( "/^[-]{0,1}\d{0," . $ma [1] [0] . "}\.{0,1}(\d{0," . $ma [2] [0] . "})?$/", $this->data )) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】只能输入整数或小数,请重输！';
			return 0;
		}
		$this->res ['ok'] = true;
		$this->res ['data'] = $this->data;
	}
	private function _float() {
		try {
			$str = ( double ) ($this->data);
		} catch ( Exception $e ) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】只能输入整数或小数,请重输！';
			return 0;
		}
		if (( string ) ($str) != $this->data) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】只能输入整数或小数,请重输！';
			return 0;
		}
		$this->res ['ok'] = true;
		$this->res ['data'] = $this->data;
	}
	private function _bool() {
		if ($this->data == 0) {
			$this->res ['data'] = 0;
		} else {
			$this->res ['data'] = 1;
		}
		$this->res ['ok'] = true;
	}
	
	private function _password() {
	    
		if(!$this->_checkPassword($this->data)){
		    
		    $this->res ['ok'] = false;
		    
		    $this->res ['error'] = '【 ' . $this->CnName . ' 】 必须包含数字,大写,小写,特出符号中的三种！';
		    
		    return 0;
		    
		}
		
		$this->res ['ok'] = true;
		
		$this->res ['data'] =  md5 ( $this->data );
	}
	private function _intval() {
		if (! preg_match ( "/^[-]{0,1}[0-9]{1,}$/", $this->data )) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】只能输入整数,请重输！';
			return 0;
		}
		$this->res ['ok'] = true;
		$this->res ['data'] = $this->data;
		/*
		 * if( strval($this->data) == strval(intval($this->data)) ){ $this->res['ok']=true; $this->res['data']=$this->data; }else{ $this->res['ok']=false; $this->res['error']='【 '.$this->CnName.' 】只能输入数字,请重输！'; }
		 */
	}
	private function _date() {
		if (! preg_match ( '/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}$/', $this->data )) {
			if (! preg_match ( '/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}$/', $this->data )) {
				$this->res ['ok'] = false;
				$this->res ['error'] = '【 ' . $this->CnName . ' 】格式错误,请重输！';
				return 0;
			}
		}
		if (strtotime ( $this->data ) === false) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】格式错误,请重输！';
			return 0;
		}
		$this->res ['ok'] = true;
		$this->res ['data'] = $this->data;
	}
	private function _time() {
		if (! preg_match ( '/^[0-2]{0,1}[0-9]{1}[:]{1}[0-5]{0,1}[0-9]{1}[:]{1}[0-5]{0,1}[0-9]{1}$/', $this->data )) {
			if (! preg_match ( '/^[0-2]{0,1}[0-9]{1}[:]{1}[0-5]{0,1}[0-9]{1}$/', $this->data )) {
				$this->res ['ok'] = false;
				$this->res ['error'] = '【 ' . $this->CnName . ' 】格式错误,请重输！';
				return 0;
			}
		}
		if (strtotime ( $str_tmp ) === false) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】格式错误,请重输！';
			return 0;
		}
		$this->res ['ok'] = true;
		$this->res ['data'] = $this->data;
	}
	private function _datetime() {
		if (! preg_match ( '/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2} [0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}$/', $this->data )) {
			if (! preg_match ( '/^[0-9]{4}-[0-9]{1,2}-[0-9]{1,2} [0-9]{1,2}:[0-9]{1,2}$/', $this->data )) {
				$this->res ['ok'] = false;
				$this->res ['error'] = '【 ' . $this->CnName . ' 】格式错误,请重输！';
				return 0;
			}
		}
		if (strtotime ( $this->data ) === false) {
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】格式错误,请重输！';
			return 0;
		}
		$this->res ['ok'] = true;
		$this->res ['data'] = $this->data;
	}
	
	private function _shenfenzheng(){
		if(ck_shengfenzheng($this->data)){
			$this->res ['ok'] = true;
			$this->res ['data'] = $this->data;			
		}else{
			$this->res ['ok'] = false;
			$this->res ['error'] = '【 ' . $this->CnName . ' 】格式错误,请重输！';
			return 0;
		}
	}
	
	/**
	 * 判断用户提交的密码是否复杂
	 * @param string $str 密码字符串
	 */
	private function _checkPassword($str){
	    
	    $k = 0;
	    
	    if(preg_match("/[a-z]/",$str)) $k++;
	    
	    if(preg_match("/[0-9]/",$str)) $k++;
	    
	    if(preg_match("/[A-Z]/",$str)) $k++;
	    
	    if(preg_match("/[^a-zA-Z0-9]/",$str)) $k++;
	    
	    if($k < 3) 
	        return false;
	    else 
	        return true;
	    
	}
}
